﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using DoeObjects;
using DoeLibsMVC.Security;
using DoeLibsMVC.Models;
using DoeLibsMVC.Filter;

namespace DoeLibsMVC.Controllers.api
{
    public class LoanController : BaseApiController
    {
        /// <summary>
        /// returns all current loans of the user
        /// </summary>
        /// <returns></returns>
        [Security.BasicAuthorize]
        public HttpResponseMessage Get()
        {
            return Request.CreateResponse<IEnumerable<Loan>>(HttpStatusCode.OK, Loan.getActiveLoansFromUser(User.UserId));
        }

        /// <summary>
        /// returns all loans, which have a loanable where the current user is the owner
        /// </summary>
        /// <param name="whereIAmOwner"></param>
        /// <returns></returns>
        [Security.BasicAuthorize(Roles=UserCategoryHelper.STAFF_CATEGORY)]
        public HttpResponseMessage Get(string whereIAmOwner)
        {
            return Request.CreateResponse<IEnumerable<Loan>>(HttpStatusCode.OK, Loan.getLoansFromOwner(User.UserId).Where(l => l.ReturnDate == DateTime.MinValue));
        }


        /// <summary>
        /// returns details about the loan
        /// </summary>
        /// <param name="id"></param>
        /// <returns></returns>
        [Security.BasicAuthorize]
        public HttpResponseMessage Get(int id)
        {
            Loan loan = Loan.getLoan(id);

            if (loan != null)
            {
                if (loan.Borrower.UserId == User.UserId)
                {
                    return Request.CreateResponse<Loan>(HttpStatusCode.OK, loan);
                }
                else
                {
                    return Request.CreateResponse(HttpStatusCode.Forbidden);
                }
            }
            else
            {
                return Request.CreateResponse(HttpStatusCode.NotFound);
            }
        }

        /// <summary>
        /// checks a loan in
        /// </summary>
        /// <param name="id"></param>
        /// <returns></returns>
        [Security.BasicAuthorize]
        public HttpResponseMessage Delete(int id)
        {
            Loan loan = Loan.getLoan(id);

            if (loan != null)
            {
                if (loan.Borrower.UserId == User.UserId)
                {
                    if (loan.checkIn())
                    {
                        return Request.CreateResponse(HttpStatusCode.OK);
                    }
                    else
                    {
                        return Request.CreateResponse(HttpStatusCode.InternalServerError);
                    }
                }
                else
                {
                    return Request.CreateResponse(HttpStatusCode.Forbidden);
                }
            }
            else
            {
                return Request.CreateResponse(HttpStatusCode.NotFound);
            }
        }
    }
}
